Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEFB1ACF32F11EFAEC1D882762E951A.roa
File: BBEFB1ACF32F11EFAEC1D882762E951A.roa (raw, json)
Hash identifier: VX7ComsriQgDSIL2ih9BQEfYATSIYoweP7mxN4VowqE=
Subject key identifier: 48:87:5A:1F:E6:FF:4E:FD:98:22:8D:21:9C:0E:5D:9E:88:1B:06:76
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 015D0D
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEFB1ACF32F11EFAEC1D882762E951A.roa
Signing time: Tue 25 Feb 2025 04:19:41 +0000
ROA not before: Tue 25 Feb 2025 04:19:37 +0000
ROA not after: Mon 07 Apr 2025 04:19:37 +0000
asID: 138915
IP address blocks: 154.223.54.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89357 (0x15d0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF
Validity
Not Before: Feb 25 04:19:37 2025 GMT
Not After : Apr 7 04:19:37 2025 GMT
Subject: CN=67bd44dd-2165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f3:9e:0d:48:2c:0c:e7:d6:94:1d:51:82:6f:
63:cd:19:d5:1e:3e:36:18:8d:a2:8b:fe:bc:c1:55:
8e:02:4c:e5:af:64:5b:26:8f:2b:b3:c2:fb:07:b4:
d7:0c:a6:eb:c2:eb:a6:2e:d4:c5:d1:0e:ab:4f:6c:
ff:b5:67:05:04:8d:18:88:d1:be:ad:62:19:9a:f1:
c3:0b:e9:42:1c:3e:68:2c:4c:9b:00:a9:2f:d9:4e:
93:88:0f:a9:e9:f2:8f:b2:dd:61:f7:cc:79:0e:93:
af:84:ee:72:c8:1b:5e:71:e0:99:64:00:52:a6:dc:
ee:b6:78:c0:1a:85:de:97:ff:19:d2:ab:d6:43:58:
21:4d:4e:ad:be:5a:fd:c4:bd:4a:64:de:cc:ca:4b:
e1:4c:71:42:7f:bf:1a:27:0d:97:37:6b:21:29:15:
e8:7c:62:ba:ca:1b:32:09:10:69:a0:39:cc:5d:5f:
d8:27:be:33:9e:e9:9c:cb:97:4a:d0:38:b6:1b:e8:
1c:da:9e:cf:aa:0f:00:56:36:f9:90:e3:8b:ca:0b:
ed:50:bd:49:43:6e:61:09:0f:46:85:04:39:38:d2:
1a:99:e9:5c:87:0d:9a:bd:c9:bc:ec:1a:40:fa:0b:
60:0a:29:0a:c3:b7:c8:05:23:64:27:6f:4d:61:0f:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:87:5A:1F:E6:FF:4E:FD:98:22:8D:21:9C:0E:5D:9E:88:1B:06:76
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BBEFB1ACF32F11EFAEC1D882762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.223.54.0/23
Signature Algorithm: sha256WithRSAEncryption
01:fd:8c:79:9d:e9:7e:d3:0f:58:f8:f7:c6:cf:1c:e2:fb:3b:
55:95:48:b3:b7:c2:4b:61:2d:60:a3:8e:dd:d0:88:0f:d2:e1:
75:95:58:b2:ac:cb:b8:b8:a4:8b:66:43:b2:b0:13:a3:dc:13:
63:a8:1b:83:aa:a3:2a:76:55:fa:2f:f2:55:03:c9:2c:e5:41:
05:33:72:d6:b8:56:0a:bf:82:93:8b:2e:8e:de:49:e4:ec:35:
24:4a:df:1f:44:f0:bc:1a:65:0c:87:96:e4:d0:97:79:8a:90:
9d:f2:ee:f6:ff:8f:41:53:1e:ff:fd:43:ac:2c:35:c9:51:3a:
36:7a:22:b2:26:f4:fd:c3:63:d5:f4:81:87:28:ff:75:a8:4e:
85:55:9f:0b:f7:4e:b9:0d:eb:e4:4e:df:7a:b3:25:ca:b4:5b:
5c:8b:b2:1e:0a:26:6b:07:5d:de:57:3d:63:95:09:ad:fe:62:
bf:c0:18:ac:a4:7d:24:30:2e:a9:19:ec:8e:51:3f:fc:07:ed:
fc:8a:d5:41:1e:8a:c0:50:11:8c:05:40:d5:1b:9c:00:ae:60:
29:2d:a1:17:52:89:37:a1:99:09:6d:c2:d6:e1:f1:3b:0a:ea:
bb:c1:95:d8:99:e8:fb:4e:5a:5e:20:09:9c:2c:1f:79:48:2d:
bb:e2:aa:3d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAV0NMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwMjI1MDQxOTM3WhcNMjUwNDA3MDQxOTM3WjAYMRYw
FAYDVQQDEw02N2JkNDRkZC0yMTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA4/OeDUgsDOfWlB1Rgm9jzRnVHj42GI2ii/68wVWOAkzlr2RbJo8rs8L7
B7TXDKbrwuumLtTF0Q6rT2z/tWcFBI0YiNG+rWIZmvHDC+lCHD5oLEybAKkv2U6T
iA+p6fKPst1h98x5DpOvhO5yyBteceCZZABSptzutnjAGoXel/8Z0qvWQ1ghTU6t
vlr9xL1KZN7MykvhTHFCf78aJw2XN2shKRXofGK6yhsyCRBpoDnMXV/YJ74znumc
y5dK0Di2G+gc2p7Pqg8AVjb5kOOLygvtUL1JQ25hCQ9GhQQ5ONIamelchw2avcm8
7BpA+gtgCikKw7fIBSNkJ29NYQ/PJwIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFEiH
Wh/m/079mCKNIZwOXZ6IGwZ2MB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CQkVGQjFBQ0YzMkYxMUVGQUVDMUQ4ODI3NjJFOTUxQS5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmt82MA0GCSqGSIb3DQEB
CwUAA4IBAQAB/Yx5nel+0w9Y+PfGzxzi+ztVlUizt8JLYS1go47d0IgP0uF1lViy
rMu4uKSLZkOysBOj3BNjqBuDqqMqdlX6L/JVA8ks5UEFM3LWuFYKv4KTiy6O3knk
7DUkSt8fRPC8GmUMh5bk0Jd5ipCd8u72/49BUx7//UOsLDXJUTo2eiKyJvT9w2PV
9IGHKP91qE6FVZ8L9065DevkTt96syXKtFtci7IeCiZrB13eVz1jlQmt/mK/wBis
pH0kMC6pGeyOUT/8B+38itVBHorAUBGMBUDVG5wArmApLaEXUok3oZkJbcLW4fE7
Cuq7wZXYmej7TlpeIAmcLB95SC274qo9
-----END CERTIFICATE-----
Generated at Thu Apr 10 22:06:29 2025 by rpki-client